intelligent
// FEATURE //
tTell us about the level of sophistication we see in today ’ s threat landscape , particularly when it comes to the endpoint ?
If we look at the early reports of 2021 , or review the key incidents , there are a few key words that will quickly surface : ransomware , phishing attacks , Business Email Compromise ( BEC ), supply chain attacks , data breaches or data exfiltration .
We can group these attacks into two key categories : fast-evolving attacks and slow and stealthy attacks . Both can be very aggressive , both can be targeted and both can cause massive impact for any organisation in the world .
Without minimising the importance of fighting off ransomware and other aggressive fastevolving attacks , I will focus on the slow and stealthy type of attacks . Here we include the likes of supply chain attacks , phishing for company or state secrets and exfiltration of entire databases during months of undetected malicious activity .
The prevalence of these complex threats increased dramatically over the last few years and a question worth asking at this point is – who is affected by this class of attacks ? You might think that it only applies to large organisations . These are the notorious cases that make it to the media . But this couldn ’ t be further from the truth .
Smaller organisations are increasingly facing advanced cyberthreats , either to become a gateway towards a larger target during a supply chain attack or by being a collateral victim in a larger attack . The advanced attack techniques are so prevalent today that no organisation should consider itself safe .
Let ’ s talk Endpoint Detection and Response ( EDR ) – how has this historically been used as part of advanced threat prevention ?
Historically , cyberdefences relied mostly on the prevention capabilities that are built into endpoint protection platforms and this approach provided acceptable results for many years .
“
BY ACKNOWLEDGING THE REAL POSSIBILITY OF BEING BREACHED , MANY ORGANISATIONS ADOPTED EDR SOLUTIONS TO COMPLEMENT PREVENTION CAPABILITIES AND TO INCREASE THE RESILIENCE OF ORGANISATIONS FACED WITH ADVANCED CYBERATTACKS .
Intelligent SME . tech 29
. tech